1. Field of the Invention
The invention concerns a process and devices for the packet-oriented transmission of security-relevant data.
2. Description of Related Art
Particularly in the transmission of security-relevant data over an unsecured medium such as, for example, a common network and/or bus system. Such data is usually added a high-grade redundancy so that almost all statistical and systematic errors of the overall transmission system do not have any negative impact on the integrity of the data. As a result, compliance to high security-related requirements with respect to the communication between individual network or bus users is achieved.
As a rule this is done by the extension of the security-relevant data by a data securing value which is generated on the basis of the security-relevant data and added to the security-relevant data of a data packet to be transmitted in accordance with the underlying protocol.
The patent application DE 100 65 907 A1 open to public inspection, for example, reveals a process that is based on the generally known principle of ‘redundancy cross referencing’. In this, at the side of the sender, security-relevant data supplied over one or two channels, depending on the type of application, is edited in a twofold manner, i.e., in two data packets, and independently from each other using redundant information and then sent to the recipient over separate connections or time-delayed one after the other over a single connection. Depending on the application the data content of one of the two edited security-oriented data packets may also show inverted data or other additional interleaving to recognize, for example, also systematic errors in the senders, receivers and/or other units involved in the transmission of the data. In addition to this, the mentioned application open to the public provides for a cross-reference verification of the two edited data packets for correctness at the side of the sender and/or receiver by reviewing the respectively added redundancy.
The complete state-of the-art security-oriented message is then, for example, structured as shown in the attached hereto FIG. 3 whereas this security-oriented message comprises two data packets 3 and 3′. According to FIG. 3 the security-relevant data contain—besides the user data as such—additional control data whereas each of the data packets 3 and 3′ contains this data with the same information content, but differently coded. In addition to this, each data packet 3 or 3′ contains a block of redundant information (CRC or CRC) generated on the basis of the security-relevant data.
A substantial disadvantage of this principally known state-of-the-art process, however, is to be found in particular in the unfavorable relation between the user data length and the overall data length which even gets worse with a decreasing volume of user data to be transmitted per data packet as is, for example, the case with an interbus.